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IN THE CLAIMS 

For the convenience of the Examiner, all pending claims of the present Application 
are presented below whether or not an amendment has been made. Please amend the claims 
as follows: 



Claims 1 - 26 (Canceled) 



27. (Currently Amended) A method for preventing hostile use of computer 
resources by an application running on a workstation, comprising: 

providing, on a workstation, a pre-set list of applications permitted to run on the 
workstation and a list of one or more computer resources on the workstation te which that are 
not accessible to unspecified applications; 

providing a filter onaie workstation for receiving internal requests for computer 
resources resident on the workstation; 

receiving at the filter a request for access generated by an unspecified application 
downloaded to the workstation from a source external to the workstation, the request for 
access identifying a computer resource resident on the workstation to which the unspecified 
application seeks access; 

determining, by the filter on the workstation, that the unspecified application is not 
identifiable in the pre-set list of applications; 

determining, by the filter on the workstation, whether the requested computer 
resource is on the list of one or more computer resources that are not accessible to 
unspecified applications; 

allowing access to the requested computer resource if the requested computer 
resource is not on the list of one or more computer resources that are not accessible to 
unspecified applications : and 

preventing access to the requested computer resource if the requested computer 
resource is on the list of one or more computer resources that are not accessible to 
unspecified applications . 
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28. (Currently Amended) The method of Claim 27, wherein the list of one or 
more computer resources t hat are not accessible to unspecified annlicarions comprises a look- 
up table. 

29. (Previously presented) The method of Claim 27, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 
directory. 

30. (Previously presented) The method of Claim 27, wherein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

31. (Previously presented) The method of Claim 27, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 

32. (Previously presented) The method of Claim 27, wherein receiving the 
request comprises receiving a direct request generated by the unspecified application. 

33. (Previously presented) The method of Claim 27, wherein receiving the 
request comprises receiving an indirect request generated by the unspecified application. 

34. (Currently Amended) The method of Claim 27, wherein the list of one or 
more computer resources that are not accessible to unsn.n^H comprises a list 
of one or more computer resources that the unspecified application may use during operations 
performed by the unspecified application. 



DAL01:966916.1 



ATTORNEY DOCKET NO. 
063170.6607 



4 



PATENT APPLICATION 
SERIAL NO. 09/622,959 



35. (Withdrawn) A method for preventing hostile use of computer resources by 
an application running on a workstation, comprising: 

providing a filter on a workstation for receiving internal requests for computer 
resources resident on the workstation; 

receiving at the filter a request for access from an application resident on the 
workstation, the request for access identifying a computer resource resident on the 
workstation, 

determining if the request for access has exceeded a pre-set threshold identifying a 
limited number of processes that may be initiated by the application; 

allowing access to the requested computer resource if the request for access has not 
exceeded the pre-set threshold; and 

preventing access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 

36. (Withdrawn) The method of Claim 35, wherein the application from which 
the request for access is received comprises an unspecified application downloaded to the 
workstation from a source external to the workstation, the unspecified application not 
identifiable in a pre-set list of hostile applications. 

37. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource is selected from the group consisting of a memory allocation, a file, and a directory. 

38. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource is selected from the group consisting of a copy command, a delete command, and a 

compress command. 

39. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource comprises an operation that when performed leads to a permanent change in the 
workstation. 

40. (Withdrawn) The method of Claim 35, wherein receiving the request 
comprises receiving a direct request generated by the unspecified application. 
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41. (Withdrawn) The method of Claim 35, wherein receiving the request 
comprises receiving an indirect request generated by the unspecified application. 

42. (Currently Amended) A workstation for preventing hostile use of computer 
resources by an application running on the workstation, comprising: 

a memory operable to store one or more applications, at least one application 
comprising an unspecified application received from the network as a downloadable 
application; and 

a processor on a workstation coupled to the memory and operable to: 

maintain a pre-set list of applications permitted to run on the workstation and a 
list of one or more computer resources on the workstation that are not accessible to any 
unspecified applications; 

in response to a request received from the unspecified application, determine 
that the unspecified application is not identifiable in the pre-set list of applications; 

determine whether a requested computer resource is on the list of one or more 
computer resources on the workstation that are not accessible to any unspecified applications; 

allow access to the requested computer resource if the requested computer 
resource is not on the list of one or more computer resources that are not a ,r..,^ my 
unspecified applications : and 

prevent access to the requested computer resource if the requested computer 
resource is on the list of one or more computer resources that are not ^ih lp t„ my 
unspecified applications 

43. (Currently Amended) The workstation of Claim 42, wherein the list of one 
or more computer resources that are not accessible to m v nn T ^.ified annlic^W comprises 
a look-up table. 



44. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 

directory. 



DALO 1:9669 16.1 



ATTORNEY DOCKET NO. 
063170.6607 



6 



PATENT APPLICATION 
SERIAL NO. 09/622,959 



45. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

46. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 



47. (Previously Presented) The workstation of Claim 42, wherein the request 
from the unspecified application comprises a direct request. 

48. (Previously Presented) The workstation of Claim 42, wherein the request 
from the unspecified application comprises an indirect request. 

49. (Currently Amended) The workstation of Claim 42, wherein the list of one 
or more computer resources that are not accessible to anv unspecified annli^tiW comprises 
a list of one or more computer resources that the unspecified application may use during 
operations performed by the unspecified application. 

50. (Withdrawn) A workstation for preventing hostile use of computer resources 
by an application running on the workstation, comprising: 

a memory operable to store one or more applications; and 

a processor in communication with the memory and operable to: 

in response to a received request for access, determine if the request has 

exceeded a pre-set threshold identifying a limited number of processes that may be initiated 

by an application; 

allow access to the requested computer resource if the request for access has 
not exceeded the pre-set threshold; and 

prevent access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 
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51 . (Withdrawn) The workstation of Claim 50, wherein at least one of the one or 
more applications comprise an unspecified application downloaded to the workstation from a 
source external to the workstation, the unspecified application not identifiable in a pre-set list 
of hostile applications. 



52. (Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource is selected from the group consisting of a memory allocation, a file, and a directory. 

53. (Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource is selected from the group consisting of a copy command, a delete command, and a 
compress command. 



54. 



(Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource comprises an operation that when performed leads to a permanent change in the 
workstation. 



55. (Withdrawn) The workstation of Claim 50, wherein the request from the 
unspecified application comprises a direct request. 

56. (Withdrawn) The workstation of Claim 50, wherein the request from the 
unspecified application comprises an indirect request. 
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57. (Currently Amended) Logic for preventing hostile use of computer 
resources by an application running on a workstation, the logic encoded in media and 
operable when executed to: 

maintain, on a workstation, a pre-set list of applications permitted to run on the 
workstation and a list of one or more computer resources on the workstation t© which that are 
not accessible to unspecified applications; 

provide a filter on a workstation for receiving internal requests for computer resources 
resident on the workstation; 

receive at the filter a request for access generated by an unspecified application 
downloaded to the workstation from a source external to the workstation, the request for 
access identifying a computer resource resident on the workstation to which the unspecified 
application seeks access; 

determine, by the filter on the workstation, that the unspecified application is not 
identifiable in the pre-set list of applications permitted to run on the workstation; 

determine, by the filter on the workstation, whether the requested computer resource 
is on the list of one or more computer resources that are not accessible to unspecified 
applications; 

allow access to the requested computer resource if the requested computer resource is 
not on the list of one or more computer resources that are not accessible to iinsp ^ifi^ 
applications : and 

prevent access to the requested computer resource if the requested computer resource 
is on the list of one or more computer resources that are not accessible to imsp ^fi^ 
applications . 

58. (Currently Amended) The logic of Claim 57, wherein the list of one or more 
computer resources that are not accessible to anv un specified ap plications comprises a look- 
up table. 

59. (Previously presented) The logic of Claim 57, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 
directory. 
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60. (Previously presented) The logic of Claim 57, wherein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

61. (Previously presented) The logic of Claim 57, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 

62. (Previously presented) The logic of Claim 57, wherein receiving the request 
comprises receiving a direct request generated by the unspecified application. 

63. (Previously presented) The logic of Claim 57, wherein receiving the request 
comprises receiving an indirect request generated by the unspecified application. 

64. (Currently Amended) The logic of Claim 57, wherein the list of one or more 
computer resources that are not accessible to anv unsp^fi.H ^piw.-^, comprises a ^ of 
one or more computer resources that the unspecified application may use during operations 
performed by the unspecified application. 

65. (Withdrawn) Logic for preventing hostile use of computer resources by an 
application running on a workstation, the logic encoded in media and operable when executed 
to: 

provide a filter on a workstation for receiving internal requests for computer resources 
resident on the workstation; 

receive at the filter a request for access from an application resident on the 
workstation, the request for access identifying a computer resource resident on the 
workstation, 

determine if the request for access has exceeded a pre-set threshold identifying a 
limited number of processes that may be initiated by the application; 

allow access to the requested computer resource if the request for access has not 
exceeded the pre-set threshold; and 
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prevent access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 

66. (Withdrawn) The logic of Claim 65, wherein the application from which the 
request for access is received comprises an unspecified application downloaded to the 
workstation from a source external to the workstation, the unspecified application not 
identifiable in a pre-set list of hostile applications. 

67. (Withdrawn) The logic of Claim 65, wherein the requested computer 
resource is selected from the group consisting of a memory allocation, a file, and a directory. 

68. (Withdrawn) The logic of Claim 65, wherein the requested computer 
resource is selected from the group consisting of a copy command, a delete command, and a 
compress command. 

69. (Withdrawn) The logic of Claim 65, wherein the requested computer 
resource comprises an operation that when performed leads to a permanent change in the 

workstation. 

70. (Withdrawn) The logic of Claim 65, wherein receiving the request comprises 
receiving a direct request generated by the unspecified application. 

71. (Withdrawn) The logic of Claim 65, wherein receiving the request comprises 
receiving an indirect request generated by the unspecified application. 
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